Malware deliver keylogger and crypto currency miner on WordPress
February 2, 2018
On January 29, 2018, Security Researcher at Sucuri discovered sites running WordPress have been infected with a malware that deliver both keylogger and crypto currency miner.
Outdated and poorly configured WordPress and Server software including third-party themes and plugins.
Users will experience slow performance when visiting the compromised website.
Cryptocurrency miner running on the background will be taking up 60% or more of the CPU’s resources.
Keylogger will capture password and other confidential information.
Netpluz recommends end users to install antivirus tools, such as Sophos Endpoint which can prevent malicious process that allow the cryptocurrency mining to proceed and ability to block or selectively allow adware and other Potentially Unwanted Applications (PUAs).
For System Administrators:
- Identify and remove the malicious scripts from their WordPress website:
Examples of identified malicious scripts include:
- Change all WordPress passwords
- Update all server software including third-party themes and plugins